20 May 2019

Q1 2019 Smashes Record For Most Reported Vulnerabilities in a Quarter

The first quarter of this year broke the record for reported security vulnerabilities, a new report by Risk Based Security shows. A total of 5,501 new flaws were disclosed during this period, most of which were web-based (56.8%). Two additional findings from the report are especially worrisome. The first is

Read More
20 May 2019

Top Cybersecurity Challenges in the Healthcare Industry

New research by Infoblox sheds light on the state of cybersecurity in the healthcare sector. According to the report, a whopping 92% of healthcare organizations believe they can adequately respond to cyber threats. A majority (56%) of companies in the sector uses automated solutions for detecting malicious activity on their

Read More
02 May 2019

New Cybersecurity Report Warns CIOs — ‘If You’re Breached Or Hacked, It’s Your Own Fault’

A new 1E and Vanson Bourne survey conducted among IT and cybersecurity executives in the US and the UK highlights the continued failure of many companies to combat cyber threats, despite increasing security awareness and investments. The report shows that six out of ten organizations experienced a breach in the

Read More
01 May 2019

DHS Orders Agencies to Patch Critical Flaws Within 15 Days

US government agencies need to patch critical security flaws within 15 days and high-severity vulnerabilities within 30 days under BOD 19-02, a new Binding Operational Directive issued by the Department of Homeland Security (DHS). The period for fixing critical issues was cut in half, because the previous directive (BOD 15-01)

Read More
16 Apr 2019

Bad security hygiene still a major risk for enterprise IT networks

A new report[pdf] by Ixia analyses the 2018 cyber threat landscape. According to the report the 5 main security issues last year were: Most product vulnerabilities were the result of software design flaws including well-documented and easily avoidable issues like SQL injection and cross-site scripting vulnerabilities The human factor is

Read More
10 Apr 2019

It’s raining patches, Hallelujah! Microsoft and Adobe put out their latest major fixes

As part of this month’s patch Tuesday, Microsoft and Adobe have issued a total of 117 fixes for security flaws. Microsoft released patches for 74 vulnerabilities, 15 of which are critical flaws. Two of the Windows vulnerabilities are zero-days that have been actively exploited in the wild. The flaws, classified

Read More
08 Apr 2019

CIOs and CISOs hold off on crucial updates due to potential impact on business operations

A new Tanium survey reveals that organizations may not adopt critical updates if these could interfere with business operations. According to the research, the vast majority (81%) of Chief Information Officers (CIOs) and chief information security officers (CISOs) have declined to install a security patch or other type of critical

Read More
13 Mar 2019

25% of software vulnerabilities remain unpatched for more than a year

While it may seem logical that larger organizations are better at handling patch management than small firms with limiter resources, new research by Kenna Security and the Cyentia Institute shows that the opposite is true. The report also highlights the poor state of patch management in general. On average, organizations

Read More
08 Mar 2019

Google: Chrome zero-day was used together with a Windows 7 zero-day

Threat actors have been exploiting a recently patched security flaw in Google Chrome by combining the flaw with a vulnerability affecting Windows 7 machines. The combination of vulnerabilities is critical, as it can enable hackers to take over targeted computers. While Windows is working to find a fix for the

Read More
24 Jan 2019

Apple Patches Dozens of Vulnerabilities in iOS, macOS

Apple has released security patches and other fixes for a host of flaws affecting iOS, macOS, tvOS, watchOS, Safari and iCloud. Many of the 31 iOS patches fixed arbitrary code execution vulnerabilities affecting various features including Bluetooh, FaceTime and Kernel. Other iOS security flaws that were addressed could have enabled

Read More